Skip to content

Shrink the install prompt and harden the shipped docs against agent audits#48

Merged
ejntaylor merged 1 commit into
mainfrom
shrink-connect-install-prompt
Jul 14, 2026
Merged

Shrink the install prompt and harden the shipped docs against agent audits#48
ejntaylor merged 1 commit into
mainfrom
shrink-connect-install-prompt

Conversation

@ejntaylor

Copy link
Copy Markdown
Contributor

Summary

Field-test runs showed hostile agents npm pack the published tarball and audit everything in it, so this trims the install prompt (the npmjs.com URL was the only clause that proved safely removable — shorter variants were refused) and moves the refusal-mode rationale out of the shipped README into field-test/README.md, where a new mode 5 documents that the shipped docs are themselves audit surface. It also fixes the doc contradictions agents cited as refusal reasons: the undisclosed protect command is now documented in the README CLI table and AGENT-INSTALL.md, the "no env vars" payload claim is scoped to values with mark-build's env-name stamping disclosed, and the site-UUID guidance no longer says "keep it out of public repos" while the widget ships it in client HTML. A new CLAUDE.md records the prompt-is-a-tested-artifact invariants (prompt.txt ↔ README sync, hostile 3-round gate, no reassurance language). Note: the hostile gate cannot go consistently green until these doc fixes are published, since the harness installs the published package — publish, then re-run node field-test/run.mjs --persona hostile --rounds 3.

🤖 Generated with Claude Code

…the shipped docs

Field-testing showed agents npm-pack the published tarball and read everything
in it, so the README section narrating how the prompt "survived AI-agent
refusal modes" was itself being quoted as a manipulation signal, and every
contradiction between the docs and dist/ was treated as misrepresentation.

- Trim the prompt's npmjs.com URL (npm view covers registry verification);
  aggressive shrinks were refused — the remaining clauses are load-bearing
- Move the refusal-mode catalog into field-test/README.md (dev-only, unshipped)
  and add mode 5: the shipped docs are part of the audit surface
- Disclose the opt-in protect command in README + AGENT-INSTALL.md
- Scope the "no env vars" payload claim to values; disclose mark-build's
  env-name stamping
- Reconcile the site-UUID guidance (public by design, commit .patchstackrc.json)
  with the widget's userToken
- Soften AGENT-INSTALL's "trust the checklist" and "don't pause" phrasing
- Add CLAUDE.md capturing the prompt-is-a-tested-artifact invariants

Co-Authored-By: Claude Fable 5 <noreply@anthropic.com>
@coderbuds

coderbuds Bot commented Jul 14, 2026

Copy link
Copy Markdown

Well-structured docs clearly strengthen AI-agent audit defenses.

🎯 Quality: 100% Elite · 📦 Size: Small

📈 This month: Your 213th PR — above team average · Averaging Excellent

See how your team is trending →

@ejntaylor

Copy link
Copy Markdown
Contributor Author

/review

@ejntaylor ejntaylor merged commit f3b0e0d into main Jul 14, 2026
4 checks passed
@ejntaylor ejntaylor deleted the shrink-connect-install-prompt branch July 14, 2026 08:14
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants